Patchwork-based audio watermarking method robust to de-synchronization attacks

This paper presents a patchwork-based audio watermarking method to resist de-synchronization attacks such as pitch-scaling, time-scaling, and jitter attacks. At the embedding stage, the watermarks are embedded into the host audio signal in the discrete cosine transform (DCT) domain. Then, a set of synchronization bits are implanted into the watermarked signal in the logarithmic DCT (LDCT) domain. At the decoding stage, we analyze the received audio signal in the LDCT domain to find the scaling factor imposed by an attack. Then, we modify the received signal to remove the scaling effect, together with the embedded synchronization bits. After that, watermarks are extracted from the modified signal. Simulation results show that at the embedding rate of 10 bps, the proposed method achieves 98.9% detection rate on average under the considered de-synchronization attacks. At the embedding rate of 16 bps, it can still obtain 94.7% detection rate on average. So, the proposed method is much more robust to de-synchronization attacks than other patchwork watermarking methods. Compared with the audio watermarking methods designed for tackling de-synchronization attacks, our method has much higher embedding capacity.

Defense against packet dropping attacks in opportunistic networks

Opportunistic networks (OppNets) are an interesting topic that are seen to have a promising future. Many protocols have been developed to accommodate the features of OppNets such as frequent partitions, long delays, and no end-to-end path between the source and destination nodes. Embedding security into these protocols is challenging and has taken a lot of attention in research. One of the attacks that OppNets are exposed to is the packet dropping attack, where the malicious node attempts to drop some packets and forwards an incomplete number of packets which results in the distortion of the message. To increase the security levels in OppNets, this paper presents an algorithm developed to detect packet dropping attacks, and finds the malicious node that attempted the attack. The algorithm detects the attack by using an indicative field in the header section of each packet; the indicative field has 3 sub fields - the identification field, the flag field, and the offset field. These 3 fields are used to find if a node receives the complete original number of packets from the previous node. The algorithm will have the advantage of detecting packets dropped by each intermediate node, this helps solve the difficulties of finding malicious nodes by the destination node only.

Detection and defense of application-layer DDoS attacks in backbone web traffic

Web servers are usually located in a well-organized data center where these servers connect with the outside Internet directly through backbones. Meanwhile, the application-layer distributed denials of service (AL-DDoS) attacks are critical threats to the Internet, particularly to those business web servers. Currently, there are some methods designed to handle the AL-DDoS attacks, but most of them cannot be used in heavy backbones. In this paper, we propose a new method to detect AL-DDoS attacks. Our work distinguishes itself from previous methods by considering AL-DDoS attack detection in heavy backbone traffic. Besides, the detection of AL-DDoS attacks is easily misled by flash crowd traffic. In order to overcome this problem, our proposed method constructs a Real-time Frequency Vector (RFV) and real-timely characterizes the traffic as a set of models. By examining the entropy of AL-DDoS attacks and flash crowds, these models can be used to recognize the real AL-DDoS attacks. We integrate the above detection principles into a modularized defense architecture, which consists of a head-end sensor, a detection module and a traffic filter. With a swift AL-DDoS detection speed, the filter is capable of letting the legitimate requests through but the attack traffic is stopped. In the experiment, we adopt certain episodes of real traffic from Sina and Taobao to evaluate our AL-DDoS detection method and architecture. Compared with previous methods, the results show that our approach is very effective in defending AL-DDoS attacks at backbones. © 2013 Elsevier B.V. All rights reserved.

Can we beat DDoS attacks in clouds?

Cloud is becoming a dominant computing platform. Naturally, a question that arises is whether we can beat notorious DDoS attacks in a cloud environment. Researchers have demonstrated that the essential issue of DDoS attack and defense is resource competition between defenders and attackers. A cloud usually possesses profound resources and has full control and dynamic allocation capability of its resources. Therefore, cloud offers us the potential to overcome DDoS attacks. However, individual cloud hosted servers are still vulnerable to DDoS attacks if they still run in the traditional way. In this paper, we propose a dynamic resource allocation strategy to counter DDoS attacks against individual cloud customers. When a DDoS attack occurs, we employ the idle resources of the cloud to clone sufficient intrusion prevention servers for the victim in order to quickly filter out attack packets and guarantee the quality of the service for benign users simultaneously. We establish a mathematical model to approximate the needs of our resource investment based on queueing theory. Through careful system analysis and real-world data set experiments, we conclude that we can defeat DDoS attacks in a cloud environment. © 2013 IEEE.

Cyber attacks against supply chain management systems: A short note

Supply chain management (SCM) is increasingly dependent on electronic systems. At the same time, the vulnerability of these systems to attack from malicious individuals or groups is growing. This paper examines some of the forms such attacks can take, and their relevance to the supply function. Provides examples of attacks. Concludes that companies should consider the security aspects of electronic commerce before developing their systems. © MCB University Press.

Fool me if you can: mimicking attacks and anti-attacks in cyberspace

Botnets have become major engines for malicious activities in cyberspace nowadays. To sustain their botnets and disguise their malicious actions, botnet owners are mimicking legitimate cyber behavior to fly under the radar. This poses a critical challenge in anomaly detection. In this paper, we use web browsing on popular web sites as an example to tackle this problem. First of all, we establish a semi-Markov model for browsing behavior. Based on this model, we find that it is impossible to detect mimicking attacks based on statistics if the number of active bots of the attacking botnet is sufficiently large (no less than the number of active legitimate users). However, we also find it is hard for botnet owners to satisfy the condition to carry out a mimicking attack most of the time. With this new finding, we conclude that mimicking attacks can be discriminated from genuine flash crowds using second order statistical metrics. We define a new fine correntropy metrics and show its effectiveness compared to others. Our real world data set experiments and simulations confirm our theoretical claims. Furthermore, the findings can be widely applied to similar situations in other research fields.

Defence against code injection attacks

Code injection attacks are considered serious threats to the Internet users. In this type of attack the attacker injects malicious codes in the user programs to change or divert the execution flows. In this paper we explore the contemporary defence strategies against code injection attacks (CIAs) and underline their limitations. To overcome these limitations, we suggest a number of countermeasure mechanisms for protecting from CIAs. Our key idea relies on the multiplexing technique to preserve the exact return code to ensure the integrity of program execution trace of shell code. This technique also maintains a FIFO (first in first out) queue to defeat the conflict state when multiple caller method makes a call simultaneously. Finally, our technique can provide better performance, in terms of protection and speed, in some point compared to the CFI (control flow integrity) as well as CPM (code pointer masking) techniques.

Speculative attacks on debts and optimum currency area: a welfare analysis

Traditionally the issue of an optimum currency area is based on the theoretical underpinnings developed in the 1960s by McKinnon [13], Kenen [12] and mainly Mundell [14], who is concerned with the benefits of lowering transaction costs vis-à- vis adjustments to asymmetrical shocks. Recently, this theme has been reappraised with new aspects included in the analysis, such as: incomplete markets, credibility of monetary policy and seigniorage, among others. For instance, Neumeyer [15] develops a general equilibrium model with incomplete asset markets and shows that a monetary union is desirable when the welfare gains of eliminating the exchange rate volatility are greater than the cost of reducing the number of currencies to hedge against risks. In this paper, we also resort to a general equilibrium model to evaluate financial aspects of an optimum currency area. Our focus is to appraise the welfare of a country heavily dependent on foreign capital that may suffer a speculative attack on its public debt. The welfare analysis uses as reference the self-fulfilling debt crisis model of Cole and Kehoe ([6], [7] and [8]), which is employed here to represent dollarization. Under this regime, the national government has no control over its monetary policy, the total public debt is denominated in dollars and it is in the hands of international bankers. To describe a country that is a member of a currency union, we modify the original Cole-Kehoe model by including public debt denominated in common currency, only purchased by national consumers. According to this rule, the member countries regain some influence over the monetary policy decision, which is, however, dependent on majority voting. We show that for specific levels of dollar debt, to create inflation tax on common-currency debt in order to avoid an external default is more desirable than to suspend its payment, which is the only choice available for a dollarized economy when foreign creditors decide not to renew their loans.

Speculative attacks, openness and crises

In this paper we propose a dynamic stochastic general equilibrium model to evaluate financial adjustments that some emerging market economies went through to overcome external crises during the latest decades, such as default and local currency devaluation. We assume that real devaluation can be used to avoid external debt default, to improve trade balance and to reduce the real public debt level denominated in local currency. Such effects increase the government ability to deal with external crisis, but also have costs in terms of welfare, related to expected inflation, reductions in private investments and higher interest to be paid over the public debt. We conclude that openness improves expected welfare as it allows for a better devaluation-response technology against crises. We also present results for 32 middle-income countries, verifying that the proposed model can indicate, in a stylized way, the preferences for default-devaluation options and the magnitude of the currency depreciation required to overcome 48 external crises occurred as from 1971. Finally, as we construct our model based on the Cole-Kehoe self-fulfilling debt crisis model ([7]), adding local debt and trade, it is important to say that their policy alternatives to leave the crisis zone remains in our extended model, namely, to reduce the external debt level and to lengthen its maturity.

Speculative attacks on debts, dollarization and optimum currency areas

The purpose of this article is to contribute to the discussion of the financial aspects of dollarization and optimum currency areas. Based on the model of self-fulfilling debt crisis developed by Cole and Kehoe [4], it is possible to evaluate the comparative welfare of economies, which either keep their local currency and an independent monetary policy, join a monetary union or adopt dollarization. In the two former monetary regimes, governments can issue debt denominated, respectively, in local and common currencies, which is completely purchased by national consumers. Given this ability, governments may decide to impose an inflation tax on these assets and use the revenues so collected to avoid an external debt crises. While the country that issues its own currency takes this decision independently, a country belonging to a monetary union depends on the joint decision of all member countries about the common monetary policy. In this way, an external debt crises may be avoided under the local and common currency regimes, if, respectively, the national and the union central banks have the ability to do monetary policy, represented by the reduction in the real return on the bonds denominated in these currencies. This resource is not available under dollarization. In a dollarized economy, the loss of control over national monetary policy does not allow adjustments for exogenous shocks that asymmetrically affect the client and the anchor countries, but credibility is strengthened. On the other hand, given the ability to inflate the local currency, the central bank may be subject to the political influence of a government not so strongly concerned with fiscal discipline, which reduces the welfare of the economy. In a similar fashion, under a common currency regime, the union central bank may also be under the influence of a group of countries to inflate the common currency, even though they do not face external restrictions. Therefore, the local and common currencies could be viewed as a way to provide welfare enhancing bankruptcy, if it is not abused. With these peculiarities of monetary regimes in mind, we simulate the levels of economic welfare for each, employing recent data for the Brazilian economy.

Do police reduce crime? Estimates using the allocation of police forces after a terrorist attack

An important challenge in the crime literature is to isolate causal effects of police on crime. Following a terrorist attack on the main Jewish center in the city of Buenos Aires, Argentina, in July 1994, all Jewish institutions (including schools, synagogues, and clubs) were given 24-hour police protection. Thus, this hideous event induced a geographical allocation of police forces that can be presumed to be exogenous in a crime regression. Using data on the location of car thefts before and after the terrorist attack, we find a large deterrent effect of observable police presence on crime. The effect is local, with little or no appreciable impact outside the narrow area in which the police are deployed.

Hypercapnic ventilatory response of anesthetized female rats subjected to neonatal maternal separation: Insight into the origins of panic attacks?

Neonatal maternal separation (NMS) is a form of stress that interferes with the regulation of the stress response, an effect that predisposes to the emergence of panic and anxiety related disorders. We previously showed that at adulthood, awake female (but not male) rats subjected to NMS show a hypercapnic ventilatory response (HCVR; 5% CO(2)) that is 63% greater than controls (Genest et al., 2007). To understand the mechanisms underlying the sex-specific effects of NMS on the ventilatory response to CO(2), we used two different anesthetized female rat preparations to assess central CO(2) chemosensitivity and contribution of sensory afferents (stretch receptors and peripheral chemoreceptors) that influence the HCVR. Data show that anesthesia eliminated the respiratory phenotype observed previously in awake females and CO(2) chemosensitivity did not differ between groups. Finally, the assessment of the ovarian hormone levels across the oestrus cycle failed to reveal significant differences between groups. Since anesthesia did not affect the manifestation of NMS-related respiratory dysfunction in males (including the hypercapnic ventilatory response) (Kinkead et al., 2005; Dumont and Kinkead, 2010), we propose that the panic or anxiety induced by CO(2) during wakefulness is responsible for enhancement of the HCVR in NMS females. (C) 2011 Elsevier B.V. All rights reserved.

Piranha attacks in dammed streams used for human recreation in the State of São Paulo, Brazil

Ataques por piranhas vêm se tornando um problema comum em trechos represados de rios e córregos no estado de São Paulo, Sudeste do Brasil. em dois surtos ocorridos em dois municípios vizinhos no noroeste do estado, 74 banhistas foram mordidos. Uma mordida por pessoa foi registrada, em curto período do ano. As mordidas estão relacionadas a cuidado parental e/ou defesa do território de desova, o que reforça estudos anteriores e desmistifica os ataques por este peixe lendário, da maneira como são popularmente percebidos. A colocação de redes de malha fina e a remoção de vegetação aquática cessaram os ataques.